package cn.jinjimi.app.webview.utils;

import android.net.http.SslCertificate;
import android.net.http.SslError;
import android.webkit.SslErrorHandler;
import android.webkit.WebResourceRequest;
import android.webkit.WebResourceResponse;
import android.webkit.WebView;
import android.webkit.WebViewClient;

import cn.jinjimi.app.modules.Resource.NetResourceManager;

import java.io.IOException;

/**
 * Created by Roy
 * Date: 2017/6/28
 * @author zhenhua
 */

public class BaseWebViewClient extends WebViewClient {

    @Override
    public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {
        if (error.getPrimaryError() == SslError.SSL_DATE_INVALID
                || error.getPrimaryError() == SslError.SSL_EXPIRED
                || error.getPrimaryError() == SslError.SSL_INVALID
                || error.getPrimaryError() == SslError.SSL_UNTRUSTED) {
            if (chkMySSLCNCert(error.getCertificate())) {
                handler.proceed();
            }
        }
    }

    private boolean chkMySSLCNCert(SslCertificate cert) {
        /*
        Bundle bundle = SslCertificate.saveState(cert);
        byte[] bytes = bundle.getByteArray("x509-certificate");
        if (bytes != null) {
            try {
                CertificateFactory cf = CertificateFactory.getInstance("X.509");
                Certificate ca = cf.generateCertificate(new ByteArrayInputStream(bytes));
                MessageDigest sha256 = MessageDigest.getInstance("SHA-256");
                byte[] key = sha256.digest(((X509Certificate) ca).getEncoded());
                //return Arrays.equals(key, CrtSha256) || Arrays.equals(key, CDNCrtSha256) || Arrays.equals(key, CrtSha256);
            } catch (Exception Ex) {
            }
        }
        */
        return true;
    }
}
